admin_main.php 给力搜索小偷开源源码 3.0源码程序 - ASP源码程序

www.gusucode.com > 给力搜索小偷开源源码 3.0源码程序 > admin/admin_main.php
    <?
include('data.php');
if($_COOKIE['x_Cookie']!=$adminname or $_COOKIE['y_Cookie']!=md5($password)){
	echo"<script>location.href='index.php';</script>";
	exit;
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>基本信息</title>
<script>
function chk(){
	if(form.name.value==''){
		alert('不好意思首页标题为空!');
		return false;
	}
	if(form.site_url.value==''){
		alert('不好意思网站URL为空!');
		return false;
	}
	if(form.site_name.value==''){
		alert('不好意思内容页标题为空!');
		return false;
	}
	if(form.value.value==''){
		alert('不好意思按扭标题为空!');
		return false;
	}
	if(form.home.value==''){
		alert('不好意思设为主页标题为空!');
		return false;
	}
	if(form.icp.value==''){
		alert('不好意思备案号为空!');
		return false;
	}
	if(form.icp.value==''){
		alert('不好意思缓存地址为空!');
		return false;
	}
	if(form.domain.value==''){
		alert('不好意思首页LOGO为空!');
		return false;
	}
	if(form.logoyy.value==''){
		alert('不好意思搜索页LOGOL为空!');
		return false;
	}
}
</script>
</head>

<body>
<?
$id=$_GET['id'];
if($id=='man'){
	include '../config.php';
?>
<form method="POST" action="?id=save" id="form" name="form" onSubmit="return chk();">
<table width="488" border="1" align="center" bordercolor="#666666">
  
    <tr>
      <td colspan="4" align="center" ><strong>基本信息修改</strong></td>
    </tr>
  <tr>
    <td>首页标题：</td>
    <td><input name="name" type="text" id="name" value="<? echo $name; ?>" /></td>
  </tr>
  <tr>
    <td>网站URL：</td>
    <td><input name="site_url" type="text" id="site_url" value="<? echo $site_url; ?>" /></td>
  </tr>
  <tr>
    <td>内容页标题：</td>
    <td><input name="site_name" type="text" id="site_name" value="<? echo $site_name; ?>" /></td>
  </tr>
  <tr>
    <td>按扭标题：</td>
    <td><input name="value" type="text" id="value" value="<? echo $value; ?>" /></td>
  </tr>
  <tr>
    <td>设为主页标题：</td>
    <td><input name="home" type="text" id="home" value="<? echo $home; ?>" /></td>
  </tr>
  <tr>
    <td>备案号：</td>
    <td><input name="icp" type="text" id="icp" value="<? echo $icp; ?>" /></td>
  </tr>
  <tr>
    <td>缓存地址：</td>
    <td><input name="domain" type="text" id="domain" value="<? echo $domain; ?>" /> 不要加http://与结尾/</td>
  </tr>
  <tr>
    <td>首页LOGO：</td>
    <td><input name="logo" type="text" id="logo" value="<? echo $logo; ?>" /></td>
  </tr>
  <tr>
    <td>搜索页LOGO：</td>
    <td><input name="logoyy" type="text" id="logoyy" value="<? echo $logoyy; ?>" /></td>
  </tr>
  <tr>
    <td>&nbsp;</td>
    <td><input name="cmdSave" type="submit" id="cmdSave" value="登录"/>
    &nbsp;&nbsp;
      <input type="reset" name="reset" value="重置" /></td>
  </tr>
</table>
</form>
</body>
</html>
<?php
}elseif ($id=='save'){
	include '../config.php';
	

	//$strreplace = str_replace("\r\n",";",$_POST['strreplace']); 
 $con='<?php'."

 \r\n".'$name='.'"'.$_POST['name'].'"'.";
 \r\n".'$site_url='.'"'.$_POST['site_url'].'"'.";
 \r\n".'$site_name='.'"'.$_POST['site_name'].'"'."; 
 \r\n".'$value='.'"'.$_POST['value'].'"'."; 
 \r\n".'$home='.'"'.$_POST['home'].'"'."; 
 \r\n".'$icp='.'"'.$_POST['icp'].'"'."; 
 \r\n".'$domain='.'"'.$_POST['domain'].'"'."; 
 \r\n".'$logo='.'"'.$_POST['logo'].'"'.";
 \r\n".'$logoyy='.'"'.$_POST['logoyy'].'"'."; 
 \r\n?>";
 $httpdcon="[ISAPI_Rewrite]
 \r\n# 3600 = 1 hour
 \r\nCacheClockRate 3600
 \r\nRepeatLimit 32
 \r\n# Block external access to the httpd.ini and httpd.parse.errors files
 \r\nRewriteRule /httpd(?:\.ini|\.parse\.errors).* / [F,I,O]
 \r\n# Block external access to the Helper ISAPI Extension
 \r\nRewriteRule .*\.isrwhlp / [F,I,O]
 \r\nRewriteRule /s\?wd=(.*) /s\.php\?wd=$1
 \r\nRewriteRule /s\?bs=(.*)&f=8&wd=(.+) /s\.php\?bs=$1&f=8&wd=$2
 \r\nRewriteRule /s\?bs=(.*)&f=3&wd=(.*)&oq=(.*)&rsp=(.*)&sugT=(.*) /s\.php\?bs=$1&f=3&wd=$2&oq=$3&rsp=$4&sugT=$5
 \r\nRewriteRule /s\?bs=(.*)&f=8&wd=(.*) /s\.php\?bs=$1&f=8&wd=$2";

	if(preg_match("/require|include|REQUEST|eval|system|fputs/i", $con)){   
    echo "<script>alert('含有非法字符！');location.href='?id=man';</script>";
}   
else{
$cDir = $_POST['erji']; 
if ($cDir==""){
$cDira="../";
}else{
$cDira="../../";
}
if (! is_dir ( $cDir )) { 
mkdir ( $cDir, '0777' ); 
} 
	$fp=fopen("../config.php","w");
	fwrite($fp,$con);
	fclose($fp);
	$httpdfp=fopen($cDira."httpd.ini","w");
	fwrite($httpdfp,$httpdcon);
	fclose($httpdfp);
	echo"<script>alert('修改成功！');location.href='?id=man';</script>";
	exit;
}
}
?>